﻿/**
* QSmart Andon
*
* 2012-10-11
* 
* steven.li
*
* Copyright(c) 2012 All Rights Reserved. Taiyou Tech(GUANGZHOU) Co.,Ltd.  (广州太友科技) [ sales@gztaiyou.com]. 
*
*/
using System;
using System.Linq;
using System.Web;
using FX.CC.Andon.Utility.Common;

namespace FX.CC.Andon.WebSite
{
    public class Global : HttpApplication
    {
        private System.ComponentModel.IContainer components = null;

        public Global()
        {
            InitializeComponent();
        }

        private void InitializeComponent()
        {
            this.components = new System.ComponentModel.Container();
        }

        protected void Application_Start(object sender, EventArgs e)
        {
            EventsLog.SetConfig();
        }

        protected void Session_Start(object sender, EventArgs e)
        {

        }

        protected void Application_BeginRequest(object sender, EventArgs e)
        {
            StartProcessRequest();
        }

        private static void StartProcessRequest()
        {
            const string sqlErrorPage = "~/";
            {
                for (int i = 0; i < HttpContext.Current.Request.QueryString.Count; i++)
                {
                    string getkeys = HttpContext.Current.Request.QueryString.Keys[i];
                    if (!ProcessSqlStr(HttpContext.Current.Request.QueryString[getkeys]))
                    {
                        HttpContext.Current.Response.Redirect(sqlErrorPage);
                        HttpContext.Current.Response.End();
                    }
                }
            }
        }

        private static bool ProcessSqlStr(string Str)
        {
            var returnValue = true;
            try
            {
                if (Str.Trim() != "")
                {
                    const string sqlStr = " exec.update.declare.exe.varchar.truncate.create";
                    var anySqlStr = sqlStr.Split('.');
                    if (anySqlStr.Any(ss => Str.ToLower().IndexOf(ss) != -1))
                    {
                        returnValue = false;
                    }
                }
            }
            catch
            {
                returnValue = false;
            }
            return returnValue;
        }

        protected void Application_AuthenticateRequest(object sender, EventArgs e)
        {

        }

        protected void Application_Error(object sender, EventArgs e)
        {
            Exception objExp = HttpContext.Current.Server.GetLastError();
            EventsLog.WriteLog("\r\n客户机IP:" + Request.UserHostAddress + "\r\n错误地址:" + Request.Url + "\r\n异常信息:" + Server.GetLastError().Message, objExp);
        }

        protected void Session_End(object sender, EventArgs e)
        {

        }

        protected void Application_End(object sender, EventArgs e)
        {

        }
    }
}